Saturday, June 25, 2005

Why the LifeDrive security "flaw" is not so important

Recently, a method surfaced that allowed users to selectively format parts of the LifeDrive's internal harddrive.
While I personally beleive that this is extremely risky (what if you hit the reset button a little too late, it starts formatting immediately and some data my be damaged), some will now be concerned about the security of their data.
I personally say that there is little reason for beeing concerned! If a thief gets your LifeDrive and really wants the data, he can just remove the hard drive from the machine and read it externally! It may be a bit more effort, but he gets the data anyway if he wants to!
But, actually, the whole LifeDrive hard reset story should have been done differently. The LifeDrive small rom/IOS that handles hard resets could have been made aware of the Palm OS pasword protction scheme. It then could read the password file before offering the menu, and then either ask for password or just erase everything. So, the legitimate user can decide what he wants to have erased, but the thief would still have problems. One can only wonder why they did this(but I don't wonder about PalmOne anymore now that they are unable to repair my T3)..
What do you hink?